package com.turtle.security.security.controller;

import com.turtle.security.common.annotation.OperateLog;
import com.turtle.security.common.utils.ApiResult;
import com.turtle.security.organizates.entity.SysUser;
import com.turtle.security.organizates.service.impl.SysUserServiceImpl;
import com.turtle.security.security.dto.AuthUserDTO;
import com.turtle.security.security.dto.LoginDTO;
import com.turtle.security.security.dto.RegisterDTO;
import com.turtle.security.security.service.AuthService;
import com.turtle.security.security.service.TokenOperatorService;
import com.turtle.security.security.utils.SecurityUtils;
import com.turtle.security.system.enums.OperateClient;
import com.turtle.security.system.enums.OperateType;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * 认证授权控制器
 *
 * @author turtle
 * date: 2020-05-28
 */
@RestController
@Api(tags = "认证授权中心", value = "认证授权中心")
@RequestMapping("/security/auth")
@AllArgsConstructor(onConstructor = @__(@Autowired))
public class AuthController {

    private final TokenOperatorService tokenOperatorService;
    private final AuthService authService;
    private final SysUserServiceImpl userService;

    /**
     * 用户登录-账号密码
     *
     * @param login 登录信息
     * @return token 登录凭证
     */
    @ApiOperation(value = "用户登录-账号密码")
    @PostMapping("login")
    @OperateLog(operateClient = OperateClient.MANAGE, module = "认证授权模块", operateType = OperateType.LOGIN, description = "用户登录-账号密码")
    public ApiResult login(@Validated @RequestBody LoginDTO login) {
        // 校验登录
        AuthUserDTO authUser = authService.login(login.getUserName(), login.getPassword());
        return ApiResult.success(tokenOperatorService.generateToken(authUser), "登录成功");

    }

    /**
     * 用户注册-账号密码
     *
     * @param register 注册信息
     * @return 注册结果
     */
    @ApiOperation(value = "用户注册-账号密码")
    @PostMapping("register")
    @OperateLog(operateClient = OperateClient.MANAGE, module = "认证授权模块", operateType = OperateType.REGISTER, description = "用户注册-账号密码")
    public ApiResult register(@Validated @RequestBody RegisterDTO register) {
        // 判断注册账号是否存在
        SysUser user = userService.getUserByUsername(register.getUserName());
        if (user != null) {
            return ApiResult.error("该用户账号已存在");
        }
        // 密码加密
        String encryptPassword = SecurityUtils.encryptPassword(register.getPassword());
        SysUser registerUser = SysUser.builder()
            .userName(register.getUserName())
            .nickName(register.getNickName())
            .password(encryptPassword)
            .build();
        // 保存至数据库
        return ApiResult.success(userService.save(registerUser));
    }

    /**
     * 获取登录用户信息
     *
     * @return 用户信息
     */
    @ApiOperation(value = "获取登录用户信息")
    @GetMapping("info")
    @OperateLog(operateClient = OperateClient.MANAGE, module = "认证授权模块", operateType = OperateType.DETAIL, description = "获取登录用户信息")
    public ApiResult getLoginUserInfo() {
        RequestAttributes attributes = RequestContextHolder.getRequestAttributes();
        AuthUserDTO authUser = tokenOperatorService.getAuthUserByToken(((ServletRequestAttributes) attributes).getRequest());
        return ApiResult.success(authUser);

    }
}
